CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit

MFC r260403 (MFV r260399):

Apply vendor commits:

197e0ea Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure.  The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).

Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450

git-svn-id: svn://svn.freebsd.org/base/stable/10@260404 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f

author	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Tue, 7 Jan 2014 20:04:41 +0000 (20:04 +0000)
committer	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Tue, 7 Jan 2014 20:04:41 +0000 (20:04 +0000)
commit	797e68a51c88a1bccb5bdd120f911c3a72295faa
tree	19b55dc97ffca43857b8d3d4fc5435eb0f34bc47	tree \| snapshot
parent	cfd4316c89b3a1b20b340e3311a0edb994b39d8e	commit \| diff

crypto/openssl/ssl/d1_both.c		diff \| blob \| history
crypto/openssl/ssl/s3_both.c		diff \| blob \| history
crypto/openssl/ssl/s3_lib.c		diff \| blob \| history
crypto/openssl/ssl/ssl_locl.h		diff \| blob \| history
crypto/openssl/ssl/t1_enc.c		diff \| blob \| history